CVE-2017-14896

Name of the Vulnerable Software and Affected Versions Android for MSM (affected versions not specified) Firefox OS for MSM (affected versions not specified) QRD Android (affected versions not specified)

Description The issue is related to a memory allocation problem in the mobicore driver, where there is no validation of the length field. This can lead to an undersize buffer allocation, potentially resulting in a kernel memory overwrite.

Recommendations For Android for MSM, consider applying configuration changes to the mobicore driver to validate the length field for memory allocation. For Firefox OS for MSM, restrict access to the mobicore driver until a proper fix is applied. For QRD Android, as a temporary workaround, consider disabling the mobicore driver to prevent potential kernel memory overwrites. At the moment, there is no information about a newer version that contains a fix for this vulnerability.